Taint analysis is a computer security methodology used to mitigate or prevent input to an application from corrupting data values within, and output from, the application. As an example, tainted values received by an application from an untrusted source are labeled or tagged. When tainted values are used to modify other data values within the application, those data values also become tainted (that is, they become tainted values) and are similarly labeled or tagged. Thus, the tainted values and their effects can be tracked within the application. When tainted values are output from the application (e.g., stored or provided to a user or client of the application), the use of a tainted value can be recorded to identify a potential security vulnerability in the application.
Additionally, some taint analysis systems remove the label or tag from a tainted value if a taint processing is applied to that tainted value. Accordingly, the use of tainted values to which a taint processing is applied is not recorded. A taint processing is a routine or method that is applied to a tainted value to prevent that tainted value from posing a security vulnerability in the application. For example, taint processing can be validation. That is, a tainted value can be provided to a validation routine to ensure that the tainted value does not include data that opens a security vulnerability in the application. If the tainted value does not include such data, the taint is removed and the application continues execution. If the tainted value does include such data, the application generates a security exception.
As another example, taint processing can be sanitization. In other words, a tainted value can be provided to a sanitization routine to sanitize the tainted value of any data that opens a security vulnerability in the application. The label or tag is removed from tainted values provided to the sanitization routine.
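The following added example (not part of the original text) sketches the labeling, propagation, taint processing and recording described above. The names `Tainted`, `source`, `validate`, `sanitize`, `sink` and `run_demo`, the validation pattern, and the sample inputs are all assumptions constructed for illustration.

```python
import html
import re

class SecurityException(Exception):
    """Raised when validation finds data that could open a vulnerability."""

class Tainted(str):
    """A string whose type is the taint label. Only concatenation propagates
    the label here; a full tracker would cover every string operation."""
    def __add__(self, other):
        return Tainted(str.__add__(self, other))
    def __radd__(self, other):
        return Tainted(str.__add__(other, self))

def source(value):
    """Untrusted source: label the incoming value."""
    return Tainted(value)

def validate(value):
    """Validation: reject unsafe data, otherwise remove the label."""
    if not re.fullmatch(r"[A-Za-z0-9_]{1,32}", value):  # assumed allow-list
        raise SecurityException(f"rejected input: {value!r}")
    return str(value)  # exact str, label removed

def sanitize(value):
    """Sanitization: neutralize unsafe data and remove the label."""
    return html.escape(str(value))

def sink(findings, name, value):
    """Output point: record any use of a value that is still labeled."""
    if isinstance(value, Tainted):
        findings.append((name, str(value)))
    return str(value)

def run_demo():
    findings = []
    user = source("<script>alert(1)</script>")        # constructed input
    sink(findings, "html_response", "Hello, " + user)  # tainted: recorded
    sink(findings, "html_response", "Hello, " + sanitize(user))  # clean
    name = validate(source("alice_01"))                # passes validation
    sink(findings, "db_write", "user=" + name)         # clean
    try:
        validate(source("bob'; --"))                   # fails validation
        rejected = False
    except SecurityException:
        rejected = True
    return findings, rejected

if __name__ == "__main__":
    print(run_demo())
```

Only the first output is recorded, because the other values reached the sink after a taint processing had removed the label.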